COMP6445 Notices
Notices
-
Casual Job Opportunities with UNW IT
Posted by Rahat Masood Wednesday 21 August 2024, 07:25:38 PM.
Hi Everyone,
I receive a request to announce following job opportunities with UNSW IT. If it is of interest to you, please forward me your CV.
There are H2 casual employment opportunities for 2024.We will be recruiting 4 casuals. The 4 projects for this phase are listed below. Would you be able to socialise with your students in case anyone is interested?
The engagement will be 2 days a week (Tuesday and Thursday) working from the UNSW Library Building Level 13, for 8 weeks. The role is level 5.
Project 1: SIEM log source review and documentation
This project will focus on documenting the Security Information and Event Management (SIEM) log sources in a structured format. The initiative requires the collection and analysis of security log source information to document data fields, formats, types, and descriptors to improve response, understanding, and correlation of log data.
<u>The deliverables expected from this project include: - </u>
- Comprehensive reference document listing the log sources and data fields captured by the SIEM.
- Documented report of findings including data inconsistencies, parsing errors, missing fields, and other issues.
Project 2: Business unit wise reporting automation (power BI+ pdf creation + scheduling +email notification) of mandatory training compliance + phishing sims results.
The project aims to automate the reporting of mandatory training compliance and phishing simulation results for different business units using Power BI. By integrating Power BI's data visualization capabilities, the project will generate detailed reports that provide insights into compliance levels and phishing test performance for different business units at UNSW. These reports will be automatically converted into PDF format and scheduled for regular distribution to relevant stakeholders. Additionally, the project includes an email notification system that alerts stakeholders about report availability, ensuring that business units remain informed and can take proactive measures to improve training outcomes and security awareness.
<u>The deliverables expected from this project include:</u>
- Automated Power BI Dashboards: Develop interactive Power BI dashboards that visualize training compliance and phishing simulation results for each business unit.
- Scheduled PDF Report Generation : Implement a system to automatically generate PDF versions of the Power BI dashboards at regular intervals.
- Email Notification System : Create an automated email notification system that sends alerts to stakeholders when new reports are generated.
- Integration and Data Workflow : Establish a robust data integration workflow that collects and processes data from various sources, such as LMS eLearning (UCYBER) completion rates and phishing simulation tools (ProofPoint).
- User Training and Documentation : Provide training sessions and comprehensive documentation for users and administrators on how to access, interpret, and utilise the reports and dashboards.
Project 3: Cyber Security Services’ Analytics Reporting and automation (power BI with real time data).
Gather requirements from IT Business Partner team on the Cyber Security Service Reports, extract the data into the Power BI dashboard and automate the reporting by converting to PDF and scheduling to stakeholders via email(this pattern is already build and available for reference). The project will generate detailed dashboards that provide insights into cyber security service requests raised by Faculties and Schools at UNSW. These dashboards will have the capability to be converted into PDFs for distribution to relevant stakeholders via email.
<u>The deliverables expected from this project include:</u>
- Automated Power BI Dashboards: Develop interactive Power BI dashboards to visualize cyber security service requests status faculty/school.
- Scheduled PDF Report Generation : Implement a system to automatically generate PDF versions of the Power BI dashboards on an as needed basis.
- Email Notification System : Create an automated email notification system that sends the PDF reports to stakeholders.
- Integration and Data Workflow : Establish a robust data integration workflow that collects and processes data from MyCyberHub.
- User Training and Documentation : Provide training sessions and comprehensive documentation for users and administrators on how to access, interpret, and utilise the reports and dashboards.
Certainly! Here is a project description and deliverables outline for "Project 4" based on the format provided:
Project 4: Development and Automation of Security Metrics Reporting (Power BI with Real-Time Data)
Project Overview:
The aim of this project is to identify and develop new security metrics that provide insights into the organization’s security posture. These metrics will be integrated into Power BI dashboards for real-time data visualization and automated reporting. The project will enhance the visibility of security operations and facilitate informed decision-making by stakeholders. The dashboards will be capable of being converted into PDFs for easy distribution via email.
Project Deliverables:
- New Security Metrics Identification: Collaborate with the IT Security and Risk Management teams to identify and define new security metrics that align with organizational goals and objectives.
- Automated Power BI Dashboards: Develop interactive Power BI dashboards to visualize the new security metrics, providing insights into various aspects of the organization’s security posture.
- Scheduled PDF Report Generation: Implement a system to automatically generate PDF versions of the Power BI dashboards on a scheduled basis to ensure timely delivery of insights.
- Email Notification System: Create an automated email notification system that sends the PDF reports to relevant stakeholders, ensuring they receive the latest security metrics and insights.
- Integration and Data Workflow: Establish a robust data integration workflow that collects and processes data from relevant sources, such as security tools and databases, ensuring real-time data availability.
- User Training and Documentation: Provide training sessions and comprehensive documentation for users and administrators on how to access, interpret, and utilize the new security metrics and dashboards.
-
[Important] Exam Information
Posted by Rahat Masood Monday 12 August 2024, 01:25:57 PM.
Hi Everyone,
I hope you are all set for the online exam on Thursday 15th August. Exam will start at 12:00 PM and finishes at 3:00 PM. You can find final exam questions at Moodle. COMP6445 students should check the section "COMP6445 - Final Exam" and COMP6845 students should check the section "COMP6845 - Final Exam" for the 4 types of questions.
It is important that you complete the correct question set of the course you are enrolled in, since the short answer and long answer questions will be different between the two courses.
https://moodle.telt.unsw.edu.au/course/view.php?id=84379
Exam Structure:
There will be 4 types of questions in COMP6445 and COMP6845 exam.
1. Multiple Choice Questions
2. CTF Challenges
3. Short Q/As
4. Long Q/AsThere will be 20 minutes to complete the multiple choice section starting at 12pm (and thus 2h40min for the other three sections). The exam is written as a 2 hour exam to run in a 3 hour window. The 4 sections are approximately each worth 1/4 of the total marks (but not exactly).
CTF Challenges:
The CTF Challenges will require a Linux Machine/VM with the only non built-in commands being a hash cracking tool. This means that autopsy, volatility, illeap and alleap will not be required. All responses to CTF Challenges will be submitted on Moodle, and there is no external site being used for submissions. File sizes for these challenges will be small, the maximum being around 40mB.
Exam Live Page:
I have also configured an Exam Live page that will be accessible 5 min before the exam starts for any non private questions that occur during the exam.
For any queries or questions during the exam, please use this WebCMS "Exam Live" page. You can also access this page from the side bar menu of WebCMS. It is at the top.
https://webcms3.cse.unsw.edu.au/COMP6445/24T2/resources/102665
We will start monitoring this page from 12pm till 3pm.
We have also created EXAM FAQ page for any general questions that you might have.
https://webcms3.cse.unsw.edu.au/COMP6445/24T2/resources/102467
NOTE: Please avoid using any other sort of communication with each other during the exam. Please do not use slack or any other medium. If you have any personal questions, please email at cs6445@cse.unse.edu.au
If you have any questions please reach out, all these details have also been added to the WebCMS FAQ page.
Wishing you all best of luck for the exam!.
Regards,
COMP6445/6845 Teaching Team. -
[Reminder] Mock Trial Tomorrow at 6pm
Posted by Rahat Masood Sunday 04 August 2024, 05:09:21 PM.
Hi Everyone,
I hope you all are having a great weekend. This is just to remind you that we will be having a Mock Trial tomorrow from 6:00PM to 8:30 PM (approx.). The Mock Trial location is Moot Court Room at School of Law Building.
Please try to attend this trial as it will be very useful to see how forensics professionals work in court and also witness some of the great work done by your peers in reports.
Regards,
Rahat.
-
[Important Announcement] In-person Mock Trial Next Monday (5th August at 6:00 PM)
Posted by Rahat Masood Tuesday 30 July 2024, 01:34:39 PM.
Hi Everyone,
This announcement is to let you know that we will have Mock Trial next week on Monday (5th August from 6:00PM to 8:30 PM (approx.). The Mock Trial location is in Moot Court Room in Law Building.
The Mock Trial will be in-person and there will be no recording or online zoom session available. It is requested to all students to be in-person to get real-life mock case trial experience. We have selected students who will act as expert witnesses. Here are some points to note for the mock trial.
Mock Trial will be in-person. NO remote/online sessions
Please be in the court room (lecture theatre) at 5:45PM. The court room door will be closed at 5:50PM.
Please wear formal dressing
Very Important Note: Refreshment will be provided after the trial ;-). All of you deserve it :-)
Regards,
Rahat.
-
[Revision Lecture] Online
Posted by Rahat Masood Monday 29 July 2024, 06:01:16 PM.
Hi All,
We are having online Revision lecture now. Please login into Zoom.
Regards,
-
[Reminder] Guest Lecture Today at 6:00pm
Posted by Rahat Masood Tuesday 23 July 2024, 02:41:38 PM.
Hi Everyone,
Just a reminder that we have our guest lecture today at 6:00 pm on DETECTION ENGINEERING from Adam Tanana, Senior Security Engineer, Google.
Please ensure your attendance.
Regards,
Rahat.
-
Week 9 Technical Lecture (Tuesday)
Posted by Lachlan Waugh 🍉 Monday 22 July 2024, 01:54:05 PM, last modified Tuesday 23 July 2024, 05:28:20 PM.
Hey everyone,
Quick amendment to Wesley's post from a few days ago. There will be a technical lecture on Tuesday this week, held by Adam Tanana, who's a Senior Security Engineer at Google, and is the Lecturer for COMP6447.
Monday: Wes
6-7pm: Professionalism
7-8pm: Extended (SIEMs)
Tuesday: Adam6-8pm: Detection Engineering -
Today's Lecture will be Online
Posted by Rahat Masood Monday 22 July 2024, 08:23:14 AM.
Hi Everyone,
Just like previous week, we will have our lecture fully online. The first hour will be on Professionalism and the second hour will be technical lecture. Both lectures will be delivered by Wesley.
Regards,
Rahat.
-
[Reminder] Today's Lecture is Online
Posted by Rahat Masood Monday 15 July 2024, 01:46:15 PM.
Hi Everyone,
Just a reminder that today's lecture will be fully online at Zoom. Ajoy Ghosh will be giving lecture on expert witnessing and presenting reports. Please attend.
Regards,
-
Guest Lectures - Next Week on Monday and Tuesday
Posted by Rahat Masood Friday 12 July 2024, 10:55:40 AM.
Dear Students,
Ajoy Ghosh will be taking professional lecture on Monday 6pm - onwards. We will have online lecture and no-in-person lecture on Monday. Also, there will be no technical lecture on Monday.
We will have technical lecture on Tuesday 6pm-onwards. Song Fang (from Atlassian), will be giving lecture on incident response on Tuesday.
Please try to attend both lectures as both guest lecturers are amazing.
Regards,
-
Assignment 2 Release && Networking Challenges Due Date Update
Posted by Nicholas Tandiono Monday 01 July 2024, 02:02:49 PM.
Some adjustments to due date:
- Assignment 2 has now been released and can be accessed on webcms3 under reports. This will be due on the 18 th of July @ 11.59 PM.
- Networking challenges will now be due on the 14 th of July @11.59 PM to provide some extra time.
All the best
From,
The Teaching Team
-
Ajoy Ghosh Professional Lecture is On
Posted by Rahat Masood Tuesday 25 June 2024, 06:07:29 PM, last modified Tuesday 25 June 2024, 08:01:05 PM.
Hi Everyone,
Ajoy Ghosh, our guest lecturer, is giving professional lecture today. Please join the zoom link. It is extremely impirtant lecture and hear his opinions on expert witnesses. The lecture will help you in report writing and investigations.
Regards,
-
More Week 5 Updates
Posted by Lachlan Waugh 🍉 Monday 24 June 2024, 02:07:17 PM, last modified Monday 24 June 2024, 02:08:51 PM.
Hey everyone, some quick updates for week 5:
Memory & Network Challenge Due Dates
We've bumped the due dates for the week 4 & 5 challenges to week 7 Monday (08/07)
Week 5 Lectures
Wes is ill, and won't be able to run the Monday lecture for this week, instead we'll be releasing a recording from last year, and Andrew will be hosting a help session on Wednesday 4-6pm here .
-
Week 5 Updates
Posted by Nicholas Tandiono Saturday 22 June 2024, 07:02:03 PM.
Hello Everyone!
Hope everyone is going well with Report 1
A few updates coming into Week 5:
1) There is no in-person lecture on Monday as it will be completely online and run by Wesley.
2) Week 1 Marks have been released on Moodle. To get full marks you were required to get 6 challenges for COMP6445 and 8 challenges for COMP6845 in the week 1 challenges. If there are any issues with the marks please reach out to the class account and it will be able to be resolved quickly.
-
Report 1 Extension
Posted by Nicholas Tandiono Thursday 20 June 2024, 04:54:10 PM.
Hello Everyone!
Hope you are all going well with the reports. Due to autopsy installation issues and week 2/3 challenge extensions spilling into this week, we will be providing everyone with an additional 3-day extension for the report. This means that the new due date for report 1 will be Wednesday 26th June at 11.55PM.
All the best with your reports.
From,
The Teaching Team
-
COMP6845 Thursday 4pm Tutorial Rescheduled to Friday at 6 PM
Posted by Rahat Masood Wednesday 19 June 2024, 02:54:28 PM.
Dear COMP6845 Students,
Lachlan is unavailable this Thursday at 4 PM to take his COMP6845 tutorial. Therefore, we have moved the tutorial to Friday at 6 PM. Students who are enrolled in the Thursday 4 PM tutorial should attend the Friday 6 PM tutorial for this week.
I am in conversation with the teaching team to permanently move this tutorial to Friday since Lachlan is not available for the Thursday 4 PM class.
If you have any issues, please don't hesitate to email us at cs6445@cse.unsw.edu.au .
Rahat.
-
Week 3 Challenge Extension
Posted by Nicholas Tandiono Saturday 15 June 2024, 08:03:29 PM, last modified Saturday 15 June 2024, 08:12:29 PM.
Hello everyone,
Due to unexpected autopsy installation issues especially for those on Macs, we have extended the due date for week 3 challenges to Week 4 Wednesday 11.59 PM. This provides an additional 2 days.
It is recommended to use a Windows Machine if you are on a Mac.
All the best!
-
Week 4 Monday Lecture Update
Posted by Nicholas Tandiono Saturday 15 June 2024, 09:34:49 AM.
Hello Everyone!
Hope you are going well with the challenges and enjoying the tutorial sessions. Just sharing that Wesley will be coming in-person from Perth to the lecture on Monday to give the technical lecture (professionalism will be moved to Tuesday)!
Come say hi, ask any questions you have whether about the course or his experiences.
-
Week 2 Professional Lecture Recording
Posted by Rahat Masood Wednesday 05 June 2024, 09:07:21 AM.
Hello Everyone!
Apologies for the reduced sound quality for the Week 2 Lecture 1 Recording. You are able to view last year's recording through the following link: https://www.youtube.com/watch?v=XWUImkD4NE0&ab_channel=SECedu which is of better quality. Content for this week is the same as the one presented in the video.
All the best with this week's tutorials and challenges!
-
Security Society Security Conference Call For Papers
Posted by Nicholas Tandiono Friday 31 May 2024, 12:23:04 PM.
Hello Everyone!
You may be interested in presenting a workshop or talk for the upcoming Security Society Conference on the 25th June. If you are, feel free to send a call for paper through the link below.
“
SCONES is UNSW Security Society's conference for students by students running June 25th, 2024. The conference aims to get students curious, interested, and excited to learn more about cybersecurity by bringing students, educators, industry professionals, and security enthusiasts together! However of course you can't have a conference without the amazing talks and workshops so we want your help!
“
-
Week 1 Updates - First Recording and Week 1 Challenges Due Date
Posted by Nicholas Tandiono Tuesday 28 May 2024, 04:26:50 PM.
Hi Everyone!
- The recording and slides for the first lecture is now available on WebCMS under "Lecture". Turnaround time for lecture recordings will be 1 day.
- Challenges are now available for week 1 through https://cases.jimsforensics.com/challenges where you are able to register (more information will be provided in the tutorials). Note that the new deadline of week 1 challenges will be Monday 11:55pm to give some extra time.
Hope everyone enjoys their first tutorial this week, and make sure to reach out to your tutor if you are having any issues!
(On behalf of the teaching team: Rahat Masood, Wesley Lacy, Andrew Wong, Lachlan Waugh, Nicholas Tandiono)
-
Welcome to Digital Forensics!
Posted by Nicholas Tandiono Friday 24 May 2024, 01:32:29 PM, last modified Friday 24 May 2024, 11:57:03 PM.
Hi everyone! Welcome to Digital Forensics 😊
Hope everyone is well rested after the Term 1 break and looking forward to another super interesting term. We are happy to announce a number of redeveloped areas of the course based on previous years’ feedback which is inclusive of the move from OpenLearning to WebCMS which have been implemented this term.
We are going to be using three online systems for COMP6[84]45. These are (1) WebCMS, (2) Ed Forum, and (3) Moodle.
WebCMS
- WebCMS can be accessed here https://webcms3.cse.unsw.edu.au/COMP6445/24T2/
- Please read through the Course Outline via the left-hand menu of WebCMS. It has everything in it that you need to know for now, including the assessment information, course schedule and so on.
- WebCMS is also where you will find lecture and tutorial slides as well as investigation instructions for challenges and reports.
Ed Forum
- We will be using Ed Forum for course discussion this term. You can find the forum here https://edstem.org/au/courses/16468/discussion/ and join through https://edstem.org/au/join/TTHPmE
Moodle (Will be made available at a later date)
- Moodle is where you will submit your reports, with the first due at the end of Week 4.
We have an amazing teaching team who are here to support you in any way possible and make the process of learning this course highly rewarding and engaging, so feel free to reach out to them if you have any concerns or issues. For any questions related to the course, please reach out to the class account cs6445@cse.unsw.edu.au – where the teaching team will also be able to help out with any queries you may have.
Looking forward to seeing everyone at the lectures and tutorials for an amazing term!
(On behalf of the teaching team: Rahat Masood, Wesley Lacy, Andrew Wong, Lachlan Waugh, Nicholas Tandiono)